package me.dwliu.lab.demo.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * 资源服务器
 *
 * @author liudw
 * @date 2020/6/29 10:45
 **/
@Configuration
@EnableResourceServer
public class CustomResourceServerConfig extends ResourceServerConfigurerAdapter {

    // @Override
    // public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    //     super.configure(resources);
    // }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        // super.configure(http);
        http
                .authorizeRequests()
                // .antMatchers("/member/**").permitAll()
                .antMatchers("/member/info").access("#oauth2.hasScope('get_user_info')")
                .antMatchers("/member/me").access("#oauth2.hasScope('get_user_me')")
                .anyRequest().authenticated();

    }
}
